KaZaA users brace for hijack (more than a million PCs could be hijacked)

Sydney Morning Herald ^ | April 30 2002 | Nathan Cochrane

[billbears]

bump

[X-USAF]

I just downloaded Grokster, and for all intents and purposes, it looks and functions EXACTLY as KaZaA. I wonder if the two are are one in the same?

[dead]

Thanks for all the information on this thread.

I have alot of clean-up ahead.

[HairOfTheDog]

Glad it worked for you! I followed those instructions and also got Kazaa off my machine. (After getting the file I was there for of course)

Hehehehe. And therein lies the rub. I have only a teensy bit of pity for any of us that were troubled by this little gremlin... After all, there is no free lunch. Or, if you hang out with theives, don't be surprised when they try to steal from you, too.

I knew when I walked into the dark smoky room that is KazAa looking for an illegal stolen bootleg of a popular fantasy film not yet available on DVD... That I had left the moral high ground and was now swimming with alligators. Let is be a lesson to us all!

Go forth and sin no more!

At least until spring 2003, when another popular fantasy film shall hit the bootleg underground and tempt us to return... whispering rationalizations in our ears as we stand outside the door, wanting very much to go back into that place just one more time....

[Tree of Liberty]

If you use Ad-Aware, make sure you also download and frequently run RefUpdate. Here's the description from download.com:

Makes sure you always have the most recent referencefile for Ad-aware installed on your system. RefUpdate is a free add-on for Lavasoft's Ad-aware that automatically downloads and installs the latest adware definitions on your system. If no reference file can be located, the most recent file will always be downloaded and installed.
Note: You need to have Ad-aware installed on your system before you can use this free add-on.

[Tree of Liberty]

I believe they're both clients on the same network, called FastTrack. Morpheus used to be on FastTrack, but there were some licensing feudes, so it moved over to the Gnutella network.

[Huck]

bump for later

[Benson_Carter]

if you remove the required .dll files from Kazaa, the program becomes disabled. Uninstall Kazaa, Morpheus, BearShare, LimeWire, Gator, and any other file sharing/known spyware program, then run the AdWare program I linked in my earlier post on this thread. THEN, run that program, and delete any adware/spyware it finds. Then you can download, install and ENJOY Kazaa Lite.

regards,

[Schakaljager]

I'm happy with WinMX, try it out.

[X-USAF]

Do you know if the Trojan Horse issue with KaZaA also applies to Grokster?

[Tree of Liberty]

BearShare isn't spyware, itself. At installation, it asks if you want to install Gator, and some other programs which are spyware, though. You just need to be diligent and read each screen as you're setting it up.

[Tree of Liberty]

I'm not sure if the distributed computing thing is in Grokster, but it does contain other spyware. This link will tell you how to clean them out and still keep Grokster working.

I've got Kazaa-lite (which is on the same network as Grokster) on my system, and I couldn't find any of the distributed computing files listed above after I installed it. Here's a Wired article about it.

[X-USAF]

Thank you very much for your assistance!

[Marine Inspector]

bttt

[Registered]

bttt

[SC Swamp Fox]

Bookmarked.

[Tree of Liberty]

da nada

[Jimbaugh]

This is a really interesting post.

[proxy_user]

I'd have to disagree. A normal Trojan listens on a port, waiting for the hacker who sent it to you to connect. This is true of SubSeven, NetBus, BackOrifice, etc. Some of them post their IP to Usenet or send an email. Of course, you could write it so that it acts as a client and connects to a server, which is more typical of spyware-type Trojans. Once you have a TCP/IP connection, it doesn't really matter who contacted who, since the conversation is bidirectional.

In any case, you could solve this one by only allowing specific outbound ports, typically 20, 80, 110, and 119.

As for the ignorant masses who buy a router without knowing how to use it, I urge them to learn. Get the O'Reilly TCP/IP book and work through the examples on a Linux or Sun box.